Fake attachments that pretend to be images receive thousands of downloads

In the following screenshots you can see the statistics of a malicious link that is spreading through different means, mainly spam emails that have the following format:

Fake email that simulates having images attached

The message simulates containing attachments but in reality, these supposed annexes are simple repeated links that initiate the download of a Trojan, on the blog I have commented on several cases of this type, such as infidelity or payment vouchers, it is very likely that you have received one.

Attackers used the qr.net service to shorten the URL and can be seen your statistics, the link has been active for 3 months and only in the last 3 days more than 10 thousand people clicked on him:

Clicks in the last 31 days

You can also see on a map that the Trojan has spread throughout the world, mainly in Brazil:

Places where the Trojan has been downloaded

What is downloaded is a Trojan called fotos_book02.com (VT 17/44), COM files are a type of executable file. Many users, despite having Windows extensions enabled, confuse them with the .com endings of the internet pages and double-click them believing that they are simply part of the name:

The .COM file is a type of executable file

Be careful with links and attachments received in unsolicited emails, as always recommended, do not click if you do not know why they send them. Also keep in mind that they can be spread by different means such as messages on Twitter, Facebook, chats or simple comments left on a web page.

Thanks Federico for sending it.